Intrusion detection systems as evidence
Computer Networks: The International Journal of Computer and Telecommunications Networking
Digital Evidence and Computer Crime
Digital Evidence and Computer Crime
Computer Forensics: Computer Crime Scene Investigation (Networking Series) (Networking Series)
Computer Forensics: Computer Crime Scene Investigation (Networking Series) (Networking Series)
Computer Law: The Law and Regulation of Information Technology
Computer Law: The Law and Regulation of Information Technology
Cyber Forensics: A Field Manual for Collecting, Examining, and Preserving Evidence of Computer Crimes
Digital Forensics and Crime Investigation: Legal Issues in Prosecution at National Level
SADFE '10 Proceedings of the 2010 Fifth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Detecting malicious behaviour using supervised learning algorithms of the function calls
International Journal of Electronic Security and Digital Forensics
Hi-index | 0.00 |
With the recent escalating rise in cybercrime, firewall logs have attained much research focus in assessing their capability to serve as excellent evidence in digital forensics. Even though the main aim of firewalls is to screen or filter part or all network traffic, firewall logs could provide rich traffic information that could be used as evidence to prove or disprove the occurrence of online attack events for legal purposes. Since courts have a definition of what could be presented to it as evidence, this research investigates on the determinants for the acceptability of firewall logs as suitable evidence. Two commonly used determinants are tested using three different firewall-protected network scenarios. These determinants are: 1) admissibility that requires the evidence to satisfy certain legal requirements stipulated by the courts; 2) weight that represents the sufficiency and extent to which the evidence convinces the establishment of cybercrime attack.